﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Data;
using System.Data.SqlClient;
using System.Data.Common;
using System.Web.UI.WebControls;
using DataAccess;
using System.Web.Services;

public partial class _Default : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["Admin"] != null)
            Response.Redirect("Default.aspx");
    }
   
    protected void but_login_Click(object sender, EventArgs e)
    {
        string Username = username_id.Text;
        string Password = password.Text;
        string Fullname = "";
        string md5password = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(Password, "MD5");
        DbCommand cmd = GenericData.CreateCommand();
        
        cmd.CommandText = "SELECT Username, Password, Fullname FROM Candidate Where Username = '" + Username + "' and Password = '" + md5password + "'";
        DataTable table = GenericData.ExecuteReader(cmd);


        if (table.Rows.Count > 0)
        {
            Fullname = table.Rows[0]["Fullname"].ToString();
          
            Session.Add("Username", Username);
            Session.Add("Fullname", Fullname);
            Response.Redirect("ExamInfo.aspx");
        }
        else
        {           
            Response.Write("<script type='text/javascript'>alert('Input Username / Password is wrong');</script>");
        }
    }
}